Manifest

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
File:                     OGKIZa_YpN-v3e-BHvz8ecA4czI.mft (raw, json)
Hash identifier:          t+E0dXIfgW56lhjI/lqEBAopmPlNstZlpVPjnTlWEHc=
Subject key identifier:   42:88:59:33:35:05:5C:07:8F:88:4D:4D:6E:AA:57:CF:B4:EB:C2:66
Authority key identifier: 38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32
Certificate issuer:       /CN=38628865afd8a4dfafddef811efcfc79c0387332
Certificate serial:       019A71B8F3162C5C6454A8CB081EC783B2CF
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
Manifest number:          0C16
Signing time:             Tue 11 Nov 2025 07:02:17 +0000
Manifest this update:     Tue 11 Nov 2025 07:02:17 +0000
Manifest next update:     Wed 12 Nov 2025 07:02:17 +0000
Files and hashes:         1: OGKIZa_YpN-v3e-BHvz8ecA4czI.crl (hash: Ky7/bMR1eM7AxigzTOO+9oEz5HSxHWIO6f/WeFpuEqg=)
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Wed 12 Nov 2025 07:02:17 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9a:71:b8:f3:16:2c:5c:64:54:a8:cb:08:1e:c7:83:b2:cf
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=38628865afd8a4dfafddef811efcfc79c0387332
        Validity
            Not Before: Nov 11 07:02:17 2025 GMT
            Not After : Nov 12 07:02:17 2025 GMT
        Subject: CN=4288593335055c078f884d4d6eaa57cfb4ebc266
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:b0:b2:c0:69:32:93:85:8d:80:2b:9b:c2:6e:21:
                    f5:a3:5a:3a:b6:82:b9:4b:3b:bf:2c:db:17:5f:e3:
                    71:94:79:d2:19:0f:08:1d:bc:8b:31:e6:c5:dc:32:
                    b9:94:c2:62:86:53:66:b4:dc:98:80:a8:21:9c:8c:
                    00:4c:04:4a:90:82:13:f1:93:a8:08:02:2c:b5:34:
                    dc:d9:ab:06:13:4a:f9:3f:df:f8:85:10:1b:d3:01:
                    b4:60:0c:f0:73:ff:ec:23:e0:86:32:c6:bd:12:9e:
                    f1:21:e9:ca:30:3e:23:db:a8:50:6f:b0:7e:b7:6e:
                    51:66:28:b6:bf:64:3a:38:8c:6d:fb:20:a9:10:98:
                    e9:45:b9:c9:a0:7a:20:42:2c:77:47:93:a4:91:21:
                    a3:79:14:37:b7:ca:f8:69:82:99:6e:0d:a9:0d:62:
                    24:ca:a9:84:77:97:e3:c2:d1:76:f7:cb:6b:76:84:
                    5e:ff:9e:3b:23:6c:f2:45:9e:dc:bf:24:a0:ae:63:
                    0f:78:0f:45:9a:a7:26:e4:6b:32:c8:21:b0:50:16:
                    24:14:45:0d:14:d0:0c:1e:e2:c0:8b:40:5a:1e:be:
                    4c:9a:46:ba:c9:85:11:77:9a:9c:62:0c:bd:0d:76:
                    60:95:74:a5:dd:83:03:d0:d4:cd:ff:32:5e:db:1d:
                    78:33
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                42:88:59:33:35:05:5C:07:8F:88:4D:4D:6E:AA:57:CF:B4:EB:C2:66
            X509v3 Authority Key Identifier:
                keyid:38:62:88:65:AF:D8:A4:DF:AF:DD:EF:81:1E:FC:FC:79:C0:38:73:32

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OGKIZa_YpN-v3e-BHvz8ecA4czI.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.mft

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/85/2bf1b1-1683-4c99-9fbe-dbee66d73313/1/OGKIZa_YpN-v3e-BHvz8ecA4czI.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4: inherit
                IPv6: inherit

            sbgp-autonomousSysNum: critical
                Autonomous System Numbers:
                  inherit

    Signature Algorithm: sha256WithRSAEncryption
         35:59:68:46:65:b1:b7:68:e6:5e:35:4b:b8:5b:dd:0c:61:dd:
         ea:fc:a1:ac:ff:dc:b0:41:4a:ed:0a:ff:33:9d:3f:24:62:4e:
         06:5e:63:70:7b:cd:3f:d5:1d:d0:44:98:44:8b:64:a3:bb:8e:
         28:c3:fe:35:ec:0e:f1:c8:bb:36:e4:02:81:5d:31:ec:19:c1:
         0e:61:04:fe:07:49:15:39:b0:65:be:03:ea:01:ab:68:a8:b2:
         4c:cb:36:d2:ba:dd:04:ce:10:a6:87:ce:d7:d0:ef:7a:56:db:
         ec:d2:d6:87:15:7b:12:54:44:ea:c4:c0:f2:7d:28:02:26:e2:
         4c:3c:a5:b3:17:b0:f6:7d:d8:51:33:93:2b:8c:7a:d2:8b:7a:
         05:9d:74:85:bb:b7:48:58:c5:90:fa:c0:75:9e:85:36:39:0c:
         c2:71:bc:b7:94:89:dd:80:75:a2:51:14:74:9d:11:dd:e5:e0:
         1f:7e:52:a0:ee:9b:4b:6f:d6:0e:2a:b6:34:ec:58:64:48:87:
         ff:ce:2b:9f:e3:ab:7f:48:7f:46:4a:ac:de:22:8e:d4:fd:0c:
         a4:0c:94:78:a8:30:ba:49:1e:0e:bd:8b:76:c9:e4:32:ab:0e:
         59:2d:fa:74:1a:60:d7:99:c2:a5:e7:08:1f:d8:72:fe:f8:47:
         06:62:eb:07
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZpxuPMWLFxkVKjLCB7Hg7LPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4NjI4ODY1YWZkOGE0ZGZhZmRkZWY4MTFlZmNmYzc5YzAz
ODczMzIwHhcNMjUxMTExMDcwMjE3WhcNMjUxMTEyMDcwMjE3WjAzMTEwLwYDVQQD
Eyg0Mjg4NTkzMzM1MDU1YzA3OGY4ODRkNGQ2ZWFhNTdjZmI0ZWJjMjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLLAaTKThY2AK5vCbiH1o1o6toK5
Szu/LNsXX+NxlHnSGQ8IHbyLMebF3DK5lMJihlNmtNyYgKghnIwATARKkIIT8ZOo
CAIstTTc2asGE0r5P9/4hRAb0wG0YAzwc//sI+CGMsa9Ep7xIenKMD4j26hQb7B+
t25RZii2v2Q6OIxt+yCpEJjpRbnJoHogQix3R5OkkSGjeRQ3t8r4aYKZbg2pDWIk
yqmEd5fjwtF298trdoRe/547I2zyRZ7cvySgrmMPeA9Fmqcm5GsyyCGwUBYkFEUN
FNAMHuLAi0BaHr5Mmka6yYURd5qcYgy9DXZglXSl3YMD0NTN/zJe2x14MwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFEKIWTM1BVwHj4hNTW6qV8+068JmMB8GA1UdIwQY
MBaAFDhiiGWv2KTfr93vgR78/HnAOHMyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUt
ZGJlZTY2ZDczMzEzLzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS8yYmYxYjEtMTY4My00Yzk5LTlmYmUtZGJlZTY2ZDczMzEz
LzEvT0dLSVphX1lwTi12M2UtQkh2ejhlY0E0Y3pJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEANVloRmWx
t2jmXjVLuFvdDGHd6vyhrP/csEFK7Qr/M50/JGJOBl5jcHvNP9Ud0ESYRItko7uO
KMP+NewO8ci7NuQCgV0x7BnBDmEE/gdJFTmwZb4D6gGraKiyTMs20rrdBM4QpofO
19Dvelbb7NLWhxV7ElRE6sTA8n0oAibiTDylsxew9n3YUTOTK4x60ot6BZ10hbu3
SFjFkPrAdZ6FNjkMwnG8t5SJ3YB1olEUdJ0R3eXgH35SoO6bS2/WDiq2NOxYZEiH
/84rn+Orf0h/Rkqs3iKO1P0MpAyUeKgwukkeDr2LdsnkMqsOWS36dBpg15nCpecI
H9hy/vhHBmLrBw==
-----END CERTIFICATE-----